IntroVirt/Domain_8hh_source.html

/*

 * Copyright 2021 Assured Information Security, Inc.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *         http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#pragma once


#include <introvirt/core/arch/x86/PageDirectory.hh>

#include <introvirt/core/breakpoint/Breakpoint.hh>

#include <introvirt/core/breakpoint/SingleStep.hh>

#include <introvirt/core/breakpoint/Watchpoint.hh>

#include <introvirt/core/domain/Guest.hh>

#include <introvirt/core/event/EventCallback.hh>

#include <introvirt/core/fwd.hh>

#include <introvirt/core/memory/GuestMemoryMapping.hh>

#include <introvirt/core/memory/guest_ptr.hh>

#include <introvirt/util/compiler.hh>


#include <cstdint>

#include <functional>

#include <memory>

#include <string>

#include <vector>


namespace introvirt {


class Domain {

  public:

    virtual std::shared_ptr<Breakpoint> create_breakpoint(const guest_ptr<void>& address,

                                                          std::function<void(Event&)> callback) = 0;


    virtual std::unique_ptr<Watchpoint> create_watchpoint(const guest_ptr<void>& address,

                                                          uint64_t length, bool read, bool write,

                                                          bool execute,

                                                          std::function<void(Event&)> callback) = 0;


    virtual std::unique_ptr<SingleStep> single_step(Vcpu& vcpu,

                                                    std::function<void(Event&)> callback) = 0;


    virtual bool detect_guest() = 0;


    virtual Guest* guest() = 0;


    virtual const Guest* guest() const = 0;


    virtual std::string name() const = 0;


    virtual uint32_t id() const = 0;


    virtual Vcpu& vcpu(uint32_t index) = 0;


    virtual const Vcpu& vcpu(uint32_t index) const = 0;


    virtual uint32_t vcpu_count() const = 0;


    virtual const x86::PageDirectory& page_directory() const = 0;


    virtual void poll(EventCallback& callback) = 0;


    virtual void interrupt() = 0;


    virtual void pause() = 0;


    virtual void resume() = 0;


    virtual TaskFilter& task_filter() = 0;


    virtual SystemCallFilter& system_call_filter() = 0;


    virtual const SystemCallFilter& system_call_filter() const = 0;


    virtual const Hypervisor& hypervisor() const = 0;


    virtual std::shared_ptr<GuestMemoryMapping> map_pfns(const uint64_t* pfns,

                                                         size_t count) const = 0;


    virtual void intercept_system_calls(bool enabled) = 0;


    virtual void intercept_cr_writes(int cr, bool enabled) = 0;


    virtual void suspend_event(Event& event) = 0;


    virtual void suspend_event_step(Event& event) = 0;


    static Domain& thread_local_domain();


    virtual ~Domain() = default;

};


} // namespace introvirt

Breakpoint.hh

EventCallback.hh

GuestMemoryMapping.hh

Guest.hh

PageDirectory.hh

SingleStep.hh

Watchpoint.hh

introvirt::Domain
A class representing a single Domain.
Definition Domain.hh:44

introvirt::Domain::suspend_event_step
virtual void suspend_event_step(Event &event)=0
Mark an event as suspended for single step.

introvirt::Domain::vcpu
virtual const Vcpu & vcpu(uint32_t index) const =0
Get a vcpu by index.

introvirt::Domain::name
virtual std::string name() const =0
Get the name of the Domain, if it exists.

introvirt::Domain::intercept_cr_writes
virtual void intercept_cr_writes(int cr, bool enabled)=0
Toggle control register write interception on all VCPUs.

introvirt::Domain::detect_guest
virtual bool detect_guest()=0
Attempt guest OS detection.

introvirt::Domain::intercept_system_calls
virtual void intercept_system_calls(bool enabled)=0
Toggle system call interception for all VCPUs.

introvirt::Domain::vcpu_count
virtual uint32_t vcpu_count() const =0
Get the number of vcpus in the Domain.

introvirt::Domain::create_breakpoint
virtual std::shared_ptr< Breakpoint > create_breakpoint(const guest_ptr< void > &address, std::function< void(Event &)> callback)=0
Create an execution breakpoint.

introvirt::Domain::poll
virtual void poll(EventCallback &callback)=0
Poll for events and deliver them to the callback.

introvirt::Domain::vcpu
virtual Vcpu & vcpu(uint32_t index)=0
Get a vcpu by index.

introvirt::Domain::guest
virtual Guest * guest()=0
Get the guest detected by detect_guest()

introvirt::Domain::system_call_filter
virtual SystemCallFilter & system_call_filter()=0
Get the system call filter for this Domain.

introvirt::Domain::~Domain
virtual ~Domain()=default
Destroy the instance.

introvirt::Domain::hypervisor
virtual const Hypervisor & hypervisor() const =0
Gets the hypervisor that the Domain is running on.

introvirt::Domain::thread_local_domain
static Domain & thread_local_domain()
Get the domain for the current thread.

introvirt::Domain::interrupt
virtual void interrupt()=0
Interrupt a poll() call.

introvirt::Domain::single_step
virtual std::unique_ptr< SingleStep > single_step(Vcpu &vcpu, std::function< void(Event &)> callback)=0
Start single stepping a VCPU.

introvirt::Domain::task_filter
virtual TaskFilter & task_filter()=0
Get the task filter for this domain.

introvirt::Domain::id
virtual uint32_t id() const =0
Get the id of the Domain.

introvirt::Domain::map_pfns
virtual std::shared_ptr< GuestMemoryMapping > map_pfns(const uint64_t *pfns, size_t count) const =0
Map a list of pfns into our address space.

introvirt::Domain::suspend_event
virtual void suspend_event(Event &event)=0
Mark an event as suspended.

introvirt::Domain::pause
virtual void pause()=0
Pause the entire Domain.

introvirt::Domain::create_watchpoint
virtual std::unique_ptr< Watchpoint > create_watchpoint(const guest_ptr< void > &address, uint64_t length, bool read, bool write, bool execute, std::function< void(Event &)> callback)=0
Create a watchpoint on guest memory (e.g. break on read/write)

introvirt::Domain::system_call_filter
virtual const SystemCallFilter & system_call_filter() const =0
Get the system call filter for this Domain.

introvirt::Domain::page_directory
virtual const x86::PageDirectory & page_directory() const =0
Get the page directory for address translation.

introvirt::Domain::guest
virtual const Guest * guest() const =0
Get the guest detected by detect_guest()

introvirt::Domain::resume
virtual void resume()=0
Resume the Domain.

introvirt::EventCallback
Interface for an event poller callback.
Definition EventCallback.hh:29

introvirt::Event
Interface class for hypervisor events.
Definition Event.hh:43

introvirt::Guest
Base interface for a Guest.
Definition Guest.hh:35

introvirt::Hypervisor
Abstract class for managing a hypervisor.
Definition Hypervisor.hh:48

introvirt::SystemCallFilter
Base class for system call filtering.
Definition SystemCallFilter.hh:35

introvirt::TaskFilter
Filter to remove events based on task.
Definition TaskFilter.hh:34

introvirt::Vcpu
A class representing a single virtual processor.
Definition Vcpu.hh:33

introvirt::basic_guest_ptr
Definition guest_ptr.hh:88

compiler.hh

fwd.hh

guest_ptr.hh
Type-safe guest virtual address pointer and guest_ptr template.

introvirt
Core IntroVirt classes.
Definition Cr0.hh:20